Show HN: Lemon – Alternative UI for AWS

igorzij 2021-08-17 13:27:41 +0000 UTC [ - ]

Hi all, Igor & Mo here from Lemon. We believe that developers deserve better than what AWS UI is today. It's incomprehensible, like an airplane cockpit. Whereas Lemon is built to feel more like your phone - no manual needed.

Lemon is easy to use, like Vercel or Heroku. You can deploy containers, webapps, functions, databases, etc. Networking and permissions are automatically configured, CI / CD just works, instrumentation connected. But it's not a PaaS - it manages your AWS account, and you retain full control.

Lemon has first-class support of Terraform, so you can customise every bit. It supports multiple environments and can export Terraform to a dedicated "infrastructure repository" if you connect one. And it will pick up your custom TF from that repo too, so it's a two-way sync.

By default Lemon uses ECS Fargate to deploy your containers. Kubernetes is supported too, as well as Lambda. Static webapps go to S3 and served via CloudFront. Every environment gets independent configuration so you can have high-load production and many short-lived cost-efficient dev environments, even one per branch if you'd like.

We've also just launched on ProductHunt: https://www.producthunt.com/posts/lemon-4

pachico 2021-08-17 19:35:37 +0000 UTC [ - ]

I really don't know what must happen before I give AWS CRUD credentials to a third party.

However, that something didn't happen by reading this website and its value proposition.

I'm saying this as, hopefully, source for inspiration. The amount of trust a third party must inspire before anyone (like me at least?) dares to delegate operation must be overwhelming.

rirze 2021-08-17 20:35:51 +0000 UTC [ - ]

Agreed, I'm not a fan of AWS's online console and its UI/UX, but my distaste isn't enough to login to AWS through another site. I'd rather navigate by CLI/API before I do that.

Furthermore, I'm not really a fan of these closed-source available-for-pricing, enhancement products. They last for a few months in pre-release form, gauge that they don't have the customer numbers to justify their revenue, and then cease development.

igorzij 2021-08-18 18:37:03 +0000 UTC [ - ]

Thanks! I couldn't agree with your second point though. You're basically dismissing the entire category of paid-for SaaS developer tools - some of which are clearly very successful. CircleCI, Datadog, Doppler to name a few. Ignoring all of them and only using open source is a very understandable personal choice, but saying that their entire model is broken seems to be a bit of an overstatement.

doyoung 2021-08-18 04:02:46 +0000 UTC [ - ]

Totally agreed. Still kudos to the Lemon team in trying to improve the overall AWS experience.

igorzij 2021-08-17 20:35:44 +0000 UTC [ - ]

Thanks! This is super helpful

What'd be your thoughts on the following options:

- IAM role account-to-account (no credentials sharing)

- Self-hosted webapp that runs in your account

- Mac app so that creds never ever leave your laptop

pachico 2021-08-19 11:19:08 +0000 UTC [ - ]

> - Self-hosted webapp that runs in your account

this is probably as close as I'd get to use it, yes, with a little console that displays all the communications as a prove of good faith, welcoming anyone to spoof network and find out there are no home-calls/telemetry involved.

redhale 2021-08-18 03:04:53 +0000 UTC [ - ]

Make that a Wndows-compatible app and I'm sold.

austinshea 2021-08-17 17:33:58 +0000 UTC [ - ]

Can this be launched internally, such that I am not leaking internal details out to a 3rd party?

I can't imagine adopting this in the companies I've worked for, without that avenue.

igorzij 2021-08-17 17:57:49 +0000 UTC [ - ]

We are working on a self-hosted version, as well as a standalone mac app Both on the roadmap for Q4

swayson 2021-08-17 17:54:08 +0000 UTC [ - ]

+1

igorzij 2021-08-17 18:51:38 +0000 UTC [ - ]

What'd you think of an "intermediate" solution like Mongo Atlas for example - hosted dedicated instance in your region, but managed by us?

loraxclient 2021-08-18 14:51:34 +0000 UTC [ - ]

This looks cool! I spend half the day in terraform and AWS and I’m looking forward to trying this out later today.

Regardless of how that goes, it’s really nice to see a project that addresses this specific area. Way to go!

The AWS console is (at least for the popular services and API endpoints) super effective.

That said, when you’re deploying a project that has components that span almost a dozen services in AWS that can quickly become a dozen tabs just to assess the state of the project. Not very fun - looking forward to seeing how this handles that.

igorzij 2021-08-18 18:33:04 +0000 UTC [ - ]

thank you!! let us know how it goes for you! There's a chat icon at the bottom right or drop me a line at igor@uselemon.io

aphrax 2021-08-17 21:04:41 +0000 UTC [ - ]

Looks good, enjoyed the demo. Fwiw the name Lemon might get a few raised eyebrows here in the UK. Its slang for a dud/ broken thing..

igorzij 2021-08-17 21:29:20 +0000 UTC [ - ]

Oh wow thanks!! totally did not realize that - despite myself living in London) lots to learn

blntechie 2021-08-17 22:14:39 +0000 UTC [ - ]

There is this whole thing called ‘Lemon Law’ to cover what is a lemon and what protection consumers get for their goods if they turn out to be lemons.

QuinnyPig 2021-08-17 14:38:14 +0000 UTC [ - ]

This really needs an “about us” page. Trust (particularly with access to something as sensitive as an AWS account) is important here.

igorzij 2021-08-17 14:46:52 +0000 UTC [ - ]

Thanks!! Super helpful, we haven't considered this

phnofive 2021-08-17 19:27:09 +0000 UTC [ - ]

You've got some references to 'Digger' in your docs - perhaps an old name for the product? - and at least one 404 from there as well.

igorzij 2021-08-17 19:31:29 +0000 UTC [ - ]

Yes, thanks and sorry for that - Digger is the old name and we haven't updated the docs. Will fix!

wizwit999 2021-08-18 09:46:41 +0000 UTC [ - ]

This isn't a good idea.

igorzij 2021-08-18 12:59:56 +0000 UTC [ - ]

why?

wizwit999 2021-08-18 23:01:59 +0000 UTC [ - ]

So a few things. First, I, like many here read your title and took a cursory look at your website, and thought you were literally making an alternative AWS console, which would be a bad idea for many reasons.

But I just looked at your site again, and you're completely misrepresenting yourself by calling yourself an alternative UI for AWS. Youre more like a Kubernetes PaaS on AWS.

There are many similar products, so I don't see a clear differentiation and your product doesn't very clean, but you could maybe possibly have something there.

But your main problem is you're completely mis-selling yourself (or perhaps you're not completely sure what you're building).

igorzij 2021-08-19 11:32:08 +0000 UTC [ - ]

Thanks! This is helpful

bwship 2021-08-17 17:50:43 +0000 UTC [ - ]

We are tackling this same issue, but in a different way. A unified UI for AWS and LocalStack. https://getcommandeer.com

igorzij 2021-08-17 17:56:15 +0000 UTC [ - ]

Very cool! We're also considering building a mac app, that elegantly solves all the access control / compliance concerns

The downside is that in client-only arrangement state is no longer centrally managed; I wonder how do you solve that? Or do you have a "hybrid" model with some parts on the client and others on the server?

bwship 2021-08-17 18:07:41 +0000 UTC [ - ]

So everything is done between the client app and AWS. Under the hood it is using the AWS SDK. We don't store any keys or any of your data on our servers. So, the user has to have access keys, and they can also have their session token. We also have it setup that it can read from your .aws/credentials file, so if you have a process that automatically updates that file, the session token is also automatically updated in the app.

itisit 2021-08-17 17:40:30 +0000 UTC [ - ]

Great. More abstraction.

dang 2021-08-17 18:20:55 +0000 UTC [ - ]

"Don't be snarky."

"Please don't post shallow dismissals, especially of other people's work. A good critical comment teaches us something."

https://news.ycombinator.com/newsguidelines.html

"Be respectful. Anyone sharing work is making a contribution, however modest."

"When something isn't good, you needn't pretend that it is, but don't be gratuitously negative."

https://news.ycombinator.com/showhn.html

igorzij 2021-08-17 18:54:53 +0000 UTC [ - ]

Thanks!!

One of our fundamental challenges was and to some extent still is to strike the right balance. On the one hand, some high-level concepts are clearly needed because it's got so complex in the last decade. But on the other hand it can't be opague, low-level access and control are still needed because no stack is the same.

We believe we got this somewhat right by combining click-ops and Terraform into one seamless experience.